What is a local exploit used by threat actors?
- SQL injections
- device cloning
- eavesdropping attack
- routing attack
Explanation: Some of the most popular local exploits targeted by threat actors are as follows:
Firmware replacement – Updates and patches to devices are usually done remotely. If the process is not secure, threat actors could intercept the update and install their own malicious update, in which case they could have full control over the device and begin attacking other devices in the system.
Cloning – By creating a duplicate device, both in physical form and with the software and firmware running on that device, the threat actor could replace a legitimate device. When the device is up and running, the threat actor could then steal information, or compromise additional devices.
Denial of service (DoS) – The threat actor could launch a DoS attack to fill the communications channel causing devices to respond to requests late, or not at all. Depending on the devices, this could cause a lot of damage.
Extraction of security parameters – When a device is not protected properly, the threat actor may be able to extract security parameters from it such as authentication information or security keys.
More Questions: IoT Sec 1.1 Fundamentals: IoT Security Final Exam Answers